Not able to disable finger & telnet command in Solaris 8 Post: 303040578

Sponsored Content

Operating Systems Solaris Not able to disable finger & telnet command in Solaris 8 Post 303040578 by Neo on Friday 1st of November 2019 03:59:50 AM

11-01-2019

Administrator

You certainly can use built in utilities like configuration files to disable executables.

But if you REALLY want to be secure (insure telnetd cannot run in the future, for example), just remove them from the server or just change the name (move them) to something like

Code:

mv telnetd disabled_by_amity_nov_2013_telnetd

That is what I do... and then they are easy to search for as well, if you need to find them.

I do this a lot on production web servers because malware cannot execute a file if it does not exist. For example, curl.

If you do this, for example:

Code:

mv curl to amity_curl

Then malware which uses curl to download backdoors, etc. cannot access curl since they have no idea you renamed it.

There are many simple things you can do to keep your system more secure than what is considered "traditional ways" to do things.

Anyway, YMMV, but this is what I do. But then again, I have manage public sites on the Internet for decades which are constantly under attack, 365 days a year, 24 hours a day.

This User Gave Thanks to Neo For This Post:

Neo

View Public Profile for Neo

Visit Neo's homepage!

Find all posts by Neo

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

finger command

Hello all, Here is what I am trying to do. If a user exist, then send an echo "EXIST" or else "DOES NOT EXIST". (under HP-UX) Kind of: #!/usr/bin/sh USER=mylogin finger $USER if $? = 0 then echo "EXIST"" else echo "DOES NOT EXIST" fi

2. Solaris

disable telnet on Solaris

All - would you please some one help me to disable telnet on Solaris? /etc/inetd.conf Thanks :confused:

3. Solaris

Disable telnet timeout

Hi, Can someone help me how I can disable telnet timeout? I'm connecting remotely to some machines and after some time my telnet connection was closed. How can I disable this so that I'm always connected to those machines? Thanks!

4. Solaris

disable telnet on the startup

Hi All, I want to disable telnet on the startup of solaris 8-10 but still wants for a standby purposes. In case I need to troubleshoot ssh, I can connect thru telnet. Most solution on the internet is to permanently removed it. Best Regards, itik

5. Solaris

SSH enable, Telnet disable ...

Hi... How do I enable SSH and disable telnet.. Also - is there anything special I need to do to ensure that a new user can use ssh and su but not telnet? Adel

6. Solaris

Disable telnet for a particular user

On Solaris 8 is there anyway to disable telnet for a particular user and not for entire system altogether? I would like the user to retain a shell and so creating a noshell like ftp account is not an option.

7. AIX

Allow telnet in AIX from specific IP adds, but disable for everyone else

I need to change the security on our AIX servers and disable telnet from all but certain IP addresses. I have hashed the telnet line in /etc/inetd.conf and added filter rules for those IP adds to allow access on port 23, but this didn't work. Does anyone have any ideas? Thanks.

8. Solaris

Having problems with finger on Solaris 10

I have a bunch of Solaris systems and for the 8/9 systems, I can type "finger -s 2" to get a list of all users (whether they are logged in or not) and the last time they logged in. I have some new 10 systems and this command does not work. Does anybody know whether this was changed in Solaris 10?...

9. Solaris

Solaris Finger Service Problem

I have been instructed to disable the finger service for our Solaris 10 box. However when I input #svcadm disable finger I receive: "svcadm: Pattern 'finger' does not match any instances. I have also tried to edit the inetd config file and comment out the finger part but Solaris has basically...

10. Shell Programming and Scripting

What is the use of "finger" command & how to use it to kill the online processes ?

Hi there, I am eager to know what exactly is the use of "finger" command & how to use it to kill the online processes ? :b:

LEARN ABOUT DEBIAN

safe_finger

SAFE_FINGER(8)						     Linux Programmer's Manual						    SAFE_FINGER(8)

NAME

       safe_finger - finger client wrapper that protects against nasty stuff from finger servers

SYNOPSIS

       safe_finger [finger_options]

DESCRIPTION

       The  safe_finger  command  protects  against nasty stuff from finger servers. Use this program for automatic reverse finger probes from the
       tcp_wrapper (tcpd) , not the raw finger command. The safe_finger command makes sure that the finger client is not run with root privileges.
       It  also  runs  the finger client with a defined PATH environment.  safe_finger will also protect you from problems caused by the output of
       some finger servers. The problem: some programs may react to stuff in the first column. Other programs may get upset by thrash anywhere	on
       a  line.  File  systems may fill up as the finger server keeps sending data. Text editors may bomb out on extremely long lines.	The finger
       server may take forever because it is somehow wedged.  safe_finger takes care of all this badness.

SEE ALSO

       hosts_access(5), hosts_options(5), tcpd(8)

AUTHOR

       Wietse Venema, Eindhoven University of Technology, The Netherlands.

Linux								  21th June 1997						    SAFE_FINGER(8)

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

finger command

Discussion started by: qfwfq

2. Solaris

disable telnet on Solaris

Discussion started by: March_2007

3. Solaris

Disable telnet timeout

Discussion started by: ayhanne

4. Solaris

disable telnet on the startup

Discussion started by: itik